Security Event 4733 help sentinel Log analytic work space
Minghui Zou
186
Reputation points
Hi community experts!
I had trouble with the following issue. we have connected security events via OMS agent to Log analytic workspace. but we found something really interesting.
for security event log 4733, which is a user is removed from the AD, in the event viewer you can see the account name that is being removed! but in the LAW
we can not see the account that is being removed. we belived we have found similar issue.